key change for TCP-MD5

• Previous message (by thread): key change for TCP-MD5
• Next message (by thread): key change for TCP-MD5
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

>> The added cost for CPU-bound systems is that they have to try
>> (potentially) multiple keys before getting the **right** key
>> but in real life this can be easily mitigated by having a rating
>> system on the key based on the frequency of success.
> 
> This mitigates the effect of authenticating valid packets. However,
> this does not appear to help at all in terms of minimizing the DOS
> effect of an intentional DoS attack that uses authenticated packets
> (with the processing time required to check the keys the intended
> damage of the attack).

gstm

• Previous message (by thread): key change for TCP-MD5
• Next message (by thread): key change for TCP-MD5
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]